Showing results for tags 'wikileaks'.
Found 3 results
OKQL posted a topic in Stiri securitate

Hive

Today, 9 November 2017, WikiLeaks publishes the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.

Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention. Using Hive, even if an implant is discovered on a target computer, attributing it to the CIA is difficult by just looking at the communication of the malware with other servers on the internet. Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.

Hive can serve multiple operations using multiple implants on target computers. Each operation anonymously registers at least one cover domain (e.g. "perfectly-boring-looking-domain.com") for its own use. The server running the domain website is rented from commercial hosting providers as a VPS (virtual private server) and its software is customized according to CIA specifications. These servers are the public-facing side of the CIA back-end infrastructure and act as a relay for HTTP(S) traffic over a VPN connection to a "hidden" CIA server called 'Blot'.

The cover domain delivers 'innocent' content if somebody browses it by chance. A visitor will not suspect that it is anything else but a normal website. The only peculiarity is not visible to non-technical users - an HTTPS server option that is not widely used: Optional Client Authentication. But Hive uses the uncommon Optional Client Authentication so that the user browsing the website is not required to authenticate - it is optional. But implants talking to Hive do authenticate themselves and can therefore be detected by the Blot server. Traffic from implants is sent to an implant operator management gateway called Honeycomb (see graphic above) while all other traffic goes to a cover server that delivers the unsuspicious content for all other users.

Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.

The documentation for Hive is available from the WikiLeaks Vault7 series.

Source: wikileaks.org
dred1 posted a topic in Stiri securitate

### Punchline ###

Stratfor is just The Economist a week later and several hundred times more expensive.

### Article ###

On June 2, 2009, Anya Alfano of Stratfor, which describes itself as a private "global intelligence company," sent an email to a colleague requesting some global intelligence on a certain trans-national civilian group on behalf of a powerful international client. That email has now been released to the world, along with five million others like it, by global transparency group Wikileaks, thus revealing Stratfor's shadowy scheme. According to Anya Alfano's email, Stratfor's target was PETA, the animal rights group, and its client Coca-Cola. Their top secret mission was to find out "How many PETA supporters are there in Canada?" and other tantalizing global secrets that could only be secured through such top-secret means as calling PETA's press office or Googling it. Alfano concluded her chilling email, "I need all the information our talented interns can dig up by COB tomorrow."

Shortly before the release, Wikileaks told the world to prepare for "extraordinary news." In announcing today's release, Wikileaks describes Stratfor as "a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations." The group's announcement says that the released emails "show Stratfor's web of informers, pay-off structure, payment-laundering techniques and psychological methods" and calls the company "a money-making scheme of questionable legality." It adds, "The material shows how a private intelligence agency works, and how they target individuals for their corporate and government clients."

Maybe what these emails actually reveal is how a Texas-based corporate research firm can get a little carried away in marketing itself as a for-hire CIA and end up fooling some over-eager hackers into believing it's true.
The group's reputation among foreign policy writers, analysts, and practitioners is poor; they are considered a punchline more often than a source of valuable information or insight. As a former recipient of their "INTEL REPORTS" (I assume someone at Stratfor signed me up for a trial subscription, which appeared in my inbox unsolicited), what I found was typically some combination of publicly available information and bland "analysis" that had already appeared in the previous day's New York Times. A friend who works in intelligence once joked that Stratfor is just The Economist a week later and several hundred times more expensive. As of 2001, a Stratfor subscription could cost up to $40,000 per year.

It's true that Stratfor employs on-the-ground researchers. They are not spies. On today's Wikileaks release, one Middle East-based NGO worker noted on Twitter that when she met Stratfor's man in Cairo, he spoke no Arabic, had never been to Egypt before, and had to ask her for directions to Tahrir Square. Stratfor also sometimes pays "sources" for information. Wikileaks calls this "secret cash bribes," hints that this might violate the Foreign Corrupt Practices Act, and demands "political oversight."

For comparison's sake, The Atlantic often sends our agents into such dangerous locales as Iran or Syria. We call these men and women "reporters." Much like Stratfor's agents, they collect intelligence, some of it secret, and then relay it back to us so that we may pass it on to our clients, whom we call "subscribers." Also like Stratfor, The Atlantic sometimes issues "secret cash bribes" to on-the-ground sources, whom we call "freelance writers." We also prefer to keep their cash bribes ("writer's fees") secret, and sometimes these sources are even *********.
So why do Wikileaks and their hacker source ********* seem to consider Stratfor, which appears to do little more than combine banal corporate research with media-style freelance researcher arrangements, to be a cross between CIA and Illuminati? The answer is probably a combination of naivete and desperation. Wikileaks chief Julian Assange, after all, felt comfortable taking credit for the Egyptian revolution; how good can his understanding of world events, and the actors shaping them, really be? *********, which tried and failed to hack the Vatican's websites, doesn't appear to have much of an ideology beyond mischief-making. Wikileaks has been declining rapidly since first releasing Bradley Manning's trove of U.S. diplomatic cables; their finances are shrinking, their organization disintegrating (due in part to what former employees describe as Assange's poor leadership), and their credibility with his past media partners is mostly gone. Assange would probably like to regain some of his former glory; Wikileaks' 2010 release of video from a U.S. army helicopter in Iraq sparked a small international incident and won praise from much of the media, including me. What better way to do it than by taking on an easy target and then claiming you'd exposed an international corporate-imperialist conspiracy? Stratfor is not the shadow-CIA that Wikileaks seems to believe it is, but much of the blame for this mistake actually lies with Stratfor itself. The group has spent over a decade trying to convince the world that it is a for-hire, cutting-edge intel firm with tentacles everywhere. Before their marketing campaign fooled *********, it fooled wealthy clients; before it fooled clients, it hooked a couple of reporters. 
A breathless October 15, 2001, Barron's cover story called Stratfor "a private quasi-CIA," the evidence for which appears to be this quote from Stratfor chief George Friedman: "The CIA has to spend thousands of dollars a month to have an agent in, say, Teheran or Peshawar to monitor local newspapers or political developments that we can find on the Internet within a few hours." In other words, they have Google. But Stratfor's first big break had come in 1999 with a spate of glowing articles such as this January piece in Time, which reported Stratfor's "striking" theory that the U.S. bombing of Iraq in December 1998 was "actually designed to mask a failed U.S.-backed coup." That theory, like so much of Stratfor's "intelligence," was discredited long ago.

### Source ###

Stratfor Is a Joke and So Is Wikileaks for Taking It Seriously - Max Fisher - International - The Atlantic

### Personal Opinion ###

The article picks on Wikileaks for no reason; all they did was publish the information. Maybe they dressed up the announcement, but that is common practice, it's called marketing. Still, the idea in the punchline is a good one. I have read reports from various "intelligence" firms that were either very poor, or out of date (the information was already old and available to the general public), or full of pompous language and devoid of information. I have read good reports too, but few in number.
ZeroCold posted a topic in Stiri securitate

DOS application that can take down 90% of the world's servers

Those following the rather controversial subject that has drawn the planet's attention, Wikileaks, have probably also heard that the site is being hunted by everything that has to do with the internet these days. However, today's topic is not about this very courageous company but about how they suffered at the hands of a man who calls himself a "hacktivist".

Th3j35t3r is the one who took upon himself the blame for the stability problems the Wikileaks site suffered a few days ago. Basically, Wikileaks confirmed that they were under a DDOS attack, but the person in question claimed that he launched the attack. Nothing unusual so far; you are probably thinking of an army of zombies controlled by a very well-organized botnet. Totally wrong!

According to infosecisland.com, The Jester attacks Wikileaks using an application he created that exploits a very serious vulnerability in Apache servers, no longer needing an army of subordinate computers sending packets to take down a site. Thus, from a DDOS attack we arrive at an attack coordinated from a single computer by a single person: a DOS attack.

According to the author, this application is innovative from three points of view:

Edited by Nemessis (it's their article, give them the traffic, as is only right) - Full article at http://www.worldit.info/articole/aplicatie-dos-ce-poate-pune-la-pamant-90-din-serverele-lumii/

More details here, here and here.
____________________________________________
#source: worldit.info.